MS16-018: Description of the security update for Windows kernel-mode drivers: February 9, 2016

Summary

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.

More information

Nonsecurity-related fixes that are included in this security update

This security update also fixes the following nonsecurity-related issues:

Fixes a deadlock in win32k.sys that can occur when multiple threads concurrently run GDI operations where font fallback is necessary (for example, when you use a character that does not exist in the selected font).

On rare occasions, WM_LBUTTONDBLCLK isn't generated the first time user double clicks the ActiveX controls.

A rounding error in GDI that occurs on x64-based computers can result in 1-pixel lines that do not render.

Some applications have missing headers in SysListView32 controls when they are accessed through Microsoft RemoteApp.

If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Get security updates automatically.

Note For Windows RT 8.1, this update is available through Windows Update only.

Method 2: Microsoft Download Center

You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.